Return-Path: 
 <users-return-1327-apmail-deltaspike-users-archive=deltaspike.apache.org@deltaspike.apache.org>
X-Original-To: apmail-deltaspike-users-archive@www.apache.org
Delivered-To: apmail-deltaspike-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 4DEDA188D3
	for <apmail-deltaspike-users-archive@www.apache.org>;
 Fri, 13 Nov 2015 15:08:15 +0000 (UTC)
Received: (qmail 63700 invoked by uid 500); 13 Nov 2015 15:08:15 -0000
Delivered-To: apmail-deltaspike-users-archive@deltaspike.apache.org
Received: (qmail 63665 invoked by uid 500); 13 Nov 2015 15:08:15 -0000
Mailing-List: contact users-help@deltaspike.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@deltaspike.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@deltaspike.apache.org>
List-Post: <mailto:users@deltaspike.apache.org>
List-Id: <users.deltaspike.apache.org>
Reply-To: users@deltaspike.apache.org
Delivered-To: mailing list users@deltaspike.apache.org
Received: (qmail 63652 invoked by uid 99); 13 Nov 2015 15:08:14 -0000
Received: from Unknown (HELO spamd1-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Nov 2015 15:08:14 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org)
 with ESMTP id 697D1C61CB
	for <users@deltaspike.apache.org>; Fri, 13 Nov 2015 15:08:14 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 2.88
X-Spam-Level: **
X-Spam-Status: No, score=2.88 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	HTML_MESSAGE=3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01,
	SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=disabled
Authentication-Results: spamd1-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=gmail.com
Received: from mx1-us-east.apache.org ([10.40.0.8])
	by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new,
 port 10024)
	with ESMTP id kdyeS7etwE7S for <users@deltaspike.apache.org>;
	Fri, 13 Nov 2015 15:08:10 +0000 (UTC)
Received: from mail-ob0-f174.google.com (mail-ob0-f174.google.com
 [209.85.214.174])
	by mx1-us-east.apache.org (ASF Mail Server at mx1-us-east.apache.org) with
 ESMTPS id 244F142B20
	for <users@deltaspike.apache.org>; Fri, 13 Nov 2015 15:08:10 +0000 (UTC)
Received: by obbww6 with SMTP id ww6so75398347obb.0
        for <users@deltaspike.apache.org>;
 Fri, 13 Nov 2015 07:08:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :content-type;
        bh=x9evqDGr9wvcDGWl6teCZnuU+ZBIWe86lHSOHu0s7c4=;
        b=Fc5UHUHFWNqQ9YTZF7Tp2a/6f5wIHb5Vqvb5ADGIlGVO690aDfy6n0BJFpMwVnVH/n
         2NbIj36m7uEBQQsNhZ/8VQdJH9xsh4BEgcWbrPFxQTbisQ94llziK08hACnyQ/L1X3MW
         2tsJoIH2GxSTzMp5CsZUnxs2EHlHN2iWgrp0ZfdptZSBkrnS5Am+TcrllPEa7pmcQi2S
         G7i31od6ZwXa9/kMmzfsbOtPSFUBxavUfMu1gyzsDp7TCGdwSEwj93cvb/OQy+ytBp+A
         zU0y5yvzPfrTg+iJeOS5+nwzzDPX5j5TWrexziIoQi//6mnldIPdto58be9sV3RkejRU
         v4mg==
X-Received: by 10.182.66.8 with SMTP id b8mr13100725obt.53.1447427289608; Fri,
 13 Nov 2015 07:08:09 -0800 (PST)
MIME-Version: 1.0
Received: by 10.202.60.197 with HTTP; Fri, 13 Nov 2015 07:07:50 -0800 (PST)
In-Reply-To: 
 <CANeU0Grygjbu5S8bgchzFb1HQ8MJt0omd0O+bPMxH0FHpdZm7w@mail.gmail.com>
References: 
 <CANeU0Grygjbu5S8bgchzFb1HQ8MJt0omd0O+bPMxH0FHpdZm7w@mail.gmail.com>
From: Gerhard Petracek <gerhard.petracek@gmail.com>
Date: Fri, 13 Nov 2015 16:07:50 +0100
Message-ID: 
 <CAGJtJfETnR5e_1CQdt5NQ-kMB6oSUioLg9YQTXx7Y-aNP4g+1Q@mail.gmail.com>
Subject: Re: Question about page parameters and access decision voters
 evaluation
To: users@deltaspike.apache.org
Content-Type: multipart/alternative; boundary=e89a8f923faa6f78e605246d6d90

--e89a8f923faa6f78e605246d6d90
Content-Type: text/plain; charset=UTF-8

hi juan,

i'll have a look at your demo soon.

regards,
gerhard



2015-11-13 15:54 GMT+01:00 Juan Pablo <jpangamarca@gmail.com>:

> Hello guys, I have a question, why access decision voters on views (defined
> in a typesafe view-config) are evaluated before any page parameters are
> set? Authorization could change in function of the page params (say, a page
> used to create/edit an entity depending on a parameter passed to it, and
> the user could be authorized only to edit, not to create new entities). Is
> this the expected behavior? In Seam for example, the evaluation order is
> page params, restrict expressions (analogous to access decision voters) and
> then page actions, so the described use case can be implemented without any
> problems. Here's the demo for my case, with an extended discussion:
> https://github.com/jpangamarca/deltaspike-authorization-demo. Any chances
> of supporting that kind of authorization requirements? Should I file a
> ticket?
>
> Thanks for your attention.
>

--e89a8f923faa6f78e605246d6d90--